Stephan Wälde (Lead Cloud Architect at Glück & Kanja Consulting AG)
Twitter: @stephanwaelde
Blog: https://stephanwaelde.com
Terminology
Access Token / bearer token
OAUTH
User vs. App
Better: principal and resource owner
Client != Device
Client is more like the application
Delegated vs App Permission
Basic
Resource: MS Graph
Resource owner
Client (application: client ID)
Auth Server (AAD)
Access Token --> Resource
Refresh Token --> AAD
ID Token --> client
Username, Displayname, Email
Azure AD
PRT --> SSO: the browser gets it from the OS
MSAL-aware apps do SSO
Enterprise Apps
How can you "touch" the tokens?
https://JWT.MS (ID and access token)
Fiddler
F12
Or write it yourself
Question for Jan :)
OAuth 2.0 RFC: https://tools.ietf.org/html/rfc6749
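
The "write it yourself" option from the list above, as an added example that is not from the episode: a small decoder that shows the header and claims of an ID or access token, much as jwt.ms does. The sample token and all its claim values are constructed, and decoding does not verify the signature, so this is for inspection only.

```python
import base64
import json
from datetime import datetime, timezone


def _b64url_decode(segment):
    # JWT segments are unpadded base64url; restore the padding first.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def decode_jwt(token):
    """Return (header, claims) of a JWT WITHOUT verifying its signature."""
    parts = token.strip().split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    try:
        header = json.loads(_b64url_decode(parts[0]))
        claims = json.loads(_b64url_decode(parts[1]))
    except ValueError as exc:  # covers bad base64, bad UTF-8 and bad JSON
        raise ValueError("segment is not base64url-encoded JSON") from exc
    return header, claims


def summarize(claims, now=None):
    """Pick out who the token is for (aud), who it describes, and expiry."""
    now = now or datetime.now(timezone.utc)
    exp = claims.get("exp")
    expires = datetime.fromtimestamp(exp, timezone.utc) if exp is not None else None
    return {"audience": claims.get("aud"),
            "user": claims.get("preferred_username") or claims.get("email"),
            "display_name": claims.get("name"),
            "expired": expires is not None and expires <= now}


def make_sample_token():
    # Constructed ID-token-like sample: placeholder client ID, user and signature.
    header = {"typ": "JWT", "alg": "none"}
    claims = {"aud": "00000000-0000-0000-0000-000000000000", "exp": 1572600000,
              "name": "Example User", "preferred_username": "user@example.com"}
    body = [_b64url_encode(json.dumps(part).encode()) for part in (header, claims)]
    return ".".join(body + ["c2ln"])


if __name__ == "__main__":
    print(summarize(decode_jwt(make_sample_token())[1]))
```

For an ID token the `aud` claim is the client ID of the application; for an access token it identifies the resource the token is meant for.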